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(54) Transaction authentication system 

(57) A transaction authentication system comprises a microchip card and a terminal. The card has. a ™™n» \ 
PIN data and transaction sequence data. A processor increments the transaction sequence data each tirn JJo ««d w used 
in a transaction, and combines and encrypts the incremented transaction sequence data and a given PIN data -"niponent 
to provide a unique transaction signature. The given PIN data component and the encryption key used .n the 0«naratnn of 
the transaction signature comprise a secret component personal to the user but concealed from the user and known on£ to 
the authoriser. The transaction signature and the incremented transaction sequence data are d.splayed/pnntedrtransmrtted. 
A transaction may be authenticated by means of the authoriser decoding the transaction signature using the incremented 
transaction sequence data and an appropriate decryption key so as to extract PIN data component material, then 
comparing it with that belonging to the card holder. 



At least one drawing originally filed was informal and the print reproduced here is taken from a later filed formal copy. 
The claims were filed later than the filing date within the period prescribed by Rule 25(1 ) of the Patents Rules 1990. 
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TRANSACTION AUTHENTICATION SYSTEM 
The present invention relates to security systems for 
transaction cards, and in particular to a system for 
authenticating individual transactions. 

Transaction cards are very widely used as an alternative 
to cash and invariably contain various features to 
counteract fraudulent use thereof. The card issuers and 
transaction authorisors however continue to suffer 
substantial losses due to by counterfeiting of security 
features whether they be cardholder signatures, 
holographic devices or magnetic stripes on transaction 
documentation or invalid cards as appropriate. The PIN 
(Personal Identification Number) number is acknowledged 
as a useful way of reducing such losses but its usage is 
generally limited to Automated Teller Machines (ATMs) 
designed to hold securely, sensitive data such as 
encryption keys. PINs are not widely used at Point of 
Sale terminals because of the complexity of managing 
them adequately in such a potentially insecure 
environment. Various increasingly sophisticated and 
complex, not to mention expensive, features continue to 
be added to transaction cards to minimise the 
possibility of tampering therewith but there remains a 
major technical problem in finding an effective way to 
authenticate individual transactions, that is, to 
identify and distinguish valid transactions from 
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and said terminal means including memory means holding 
an encryption key for encryption of the combined 
transaction sequence data and given PIN data component 
in a predictable manner so as to provide a unique 
transaction signature, at least one of said given PIN 
data component and the encryption key used in the 
generation of the transaction signature comprising a 
secret component personal to the user but concealed from 
the user and known only to the author isor, at least one 
of said card and terminal means having transaction 
signal output means formed and arranged for providing an 
output signal containing the encoded transaction 
signature and the incremented transaction sequence data, 
whereby in use of the system a transaction may be 
authenticated by means of the authorisor decoding the 
encoded transaction signature using the incremented 
transaction sequence data and an appropriate decryption 
key so as to extract PIN data component material 
contained therein, and comparing the extracted PIN data 
component material with that belonging to the card 
holder. 

Thus with a transaction authentication system of the 
present invention the microchip card is effectively 
modified in a predictable but secure manner each time it 
is used so that for each transaction it will function as 
a "new" card and generate not only an incremented 
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including suitable direct electrical contact means as 
will be further explained hereinbelow. 

In one embodiment of the present invention the given PIN 
data component used in generating the transaction 
signature is simply the PIN data component known to "the 
user and used by him/her in the normal way. In this 
case the secret personal encryption key will of course 
have to be stored on the card. In another, preferred, 
embodiment though there is used a secret personal PIN 
data component, stored on the card in addition to the 
user-known PIN data component, in the generation of the 
transaction signature. In this latter case, there may 
be used a "public" encryption key common to all users 
and possibly also common to different authorisors, and 
this may be stored either on the card or in the 
transaction card terminal means. If desired though a 
secret personal PIN data component system could be used 
in combination with a secret personal encryption key 
system to provide even greater security (both the secret 
personal PIN data component and encryption key being 
stored on the card) . 

Any suitable type of encryption key may be used 
including, for example, an RSA encryption key. Moreover 
there may be used an encryption of the type which can be 
used for both encoding and decoding or a more complex 
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card 2 of the present invention. 

The I/O device 7 has a card receiving slot 8 provided 
with complementary electrical contact means 9a (see Fig. 
3) for coupling with direct electrical contact means 9b 
on the card 2. Desirably the electrical contact means 
9a, 9b are formed and arranged in accordance with a 
suitable ISO standard for microchip card readers. In 
addition the I/O device 7 has a visual display means 
conveniently in the form of an LCD device 10 and a 
keyboard 11 for allowing user entry of PIN data etc. As 
shown in Fig. 3, the keyboard 11 and display device 10 
are connected to an I/O device processor 13 which is 
also connected to a "hard copy" printer device 14, and 
to the communications unit 6. 

The card 2 as shown in Fig. 2 has a processor 15 
connected to the card contact means 9b and also to 
memory storage means comprising a first memory 
(conveniently E 2 PR0M type) 16 for storing both 
user-known and secret personal PIN data components, 
second memory means conveniently (in the form of ROM 
type memory) 17 for storing encryption and other 
programs used in the operation of the card (see below) , 
and third memory means (conveniently of RAM type) 18 for 
holding transaction sequence data. 



BNSDOCID: <GB 2261S38A_I_> 



- 9 - 

means of the encryption key (which may be of any 
suitable kind e.g. an RSA type key) held in the second 
memory means 17 so as to generate a transaction 
signature in a suitable format such as a 512 bit string 
of cyphertext. Again the combination of the transaction 
sequence data with the SCRV may be in a simple 
arithmetical manner or, more desirably, in accordance 
with a more or less complex algorithm in order to 
increase the overall security of the process. 

The card processor 15 then sends the incremented 
transaction sequence data and the encoded transaction 
signature to the I/O device processor 13 which then 
displays these on the I/O device display 10 for 
transcription by the terminal means operator and 
subsequent return to the card authorisor as and when 
required to authenticate the transaction concerned. In 
view of the length and complexity of the transaction 
signature, in practice only part, e.g the first 8 
characters, i.e. the hexadecimal representation of the 
first 3 2 bits of the cyphertext would normally be used 
in this type of operational mode. Alternatively or 
additionally the incremented transaction sequence number 
and the encoded transaction signature are output to the 
printer 14 for recording with other conventional 
transaction data on the till receipt 19 or other 
transaction documentation, with conveniently one copy 
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display of a message on the display means 7 
acknowledging or rejecting the authenticity of the 
transaction • 

various modifications may be made to the above system 
without departing from the scope of the present 
invention. Thus other conventional security features 
such as holograms may be employed on the surface of the 
card. Also the microchip should desirably be embedded 
in the card in such a way as to substantially prevent 
the possibility of replacement of the card without 
serious damage to the card. Furthermore there could be 
used an encryption key which would allow subsequent 
decryption of the encoded transaction signature at 
different levels, e.g. decryption of the full signature 
with a simplified public or general decryption key and 
decryption of part (only) of the signature using a full 
secret decryption key which may moreover be personal to 
the individual card holder. 
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an encryption key for encryption of the combined 
transaction sequence data and given PIN data component 
in a predictable manner so as to provide a unique 
transaction signature, at least one of said given PIN 
data component and the encryption key used in the 
generation of the transaction signature comprising a 
secret component personal to the user but concealed from 
the user and known only to the author isor, at least one 
of said card and terminal means having transaction 
signal output means formed and arranged for providing an 
output signal containing the encoded transaction 
signature and the incremented transaction sequence data, 
whereby in use of the system a transaction may be 
authenticated by means of the authorisor decoding the 
encoded transaction signature using the incremented 
transaction sequence data and an appropriate decryption 
key so as to extract PIN data component material 
contained therein, and comparing the extracted PIN data 
component material with that belonging to the card 
holder. 

2. A system according to claim 1 wherein said terminal 
card interface means is in the form of direct electrical 
contact means. 

3. A system according to claim 1 or claim 2 wherein 
said PIN data component is the PIN data component known 
to the user. 
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10. A system as claimed in claim 1 wherein said card 
has incorporated therein magnetic stripe emulation 
usable in a substantially conventional magnetic reader 
transaction terminal. 

11. A transaction authentication system substantially 
as described hereinbefore with particular reference to 
Figs. 1 to 3 of the accompanying drawings. 
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